This hands-on class will walk attendees through leveraging the open source ELK stack to analyze logs to proactively identify malicious activity. The basic tools and techniques taught during this class can be used to investigate isolated security incidents or implemented at scale for continuous monitoring.
Attendees will need to bring their own Windows/Linux/macOS laptop with 8+ GB RAM, WiFi, and VirtualBox or VMware installed. A VM will be made available to attendees for download before class, as well as available on USB flash drives at the start of class.